package com.wanli.security;
import com.wanli.common.Const;
import com.wanli.common.exception.CaptchaException;
import com.wanli.util.RedisUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Slf4j
@Component
public class CaptchaFilter extends OncePerRequestFilter {
    private final String loginUrl="/login";  //配置默认登录请求地址是什么
    @Autowired
    private RedisUtil redisUtil;
    @Autowired
    private LoginFailureHandler loginFailureHandler;

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        //Vue程序提交登录：http://127.0.0.1:10001/login
        String uri = request.getRequestURI();
        //判断请求的路径是否是登录，并且请求方式是否为post
        if(uri.equals(loginUrl) && request.getMethod().equals("POST")){
            log.info("获得login链接，正在校验验证码---{}",uri);
            try {
                validate(request);
            } catch (CaptchaException e) {
                log.info(e.getMessage());
                //交给 (验证码验证)登录验证 失败处理器执行，调用登录验证失败的处理器
                loginFailureHandler.onAuthenticationFailure(request,response,e);
            }
        }
        //不是登录操作，放行执行后面的代码
        filterChain.doFilter(request,response);
    }

    //校验验证码方法
    private void validate(HttpServletRequest request) throws CaptchaException  {
        //登录操作，提交请求参数： username=admin&password=123&code=2fCd5
        String code = request.getParameter("code");
        String key = request.getParameter("key");
        if(StringUtils.isBlank(code)){
            //验证码是null，验证失败，抛出异常(验证码验证失败自定义异常):
            throw new CaptchaException("验证码不能为空");
        }
        //需要从redis取出存储验证码。
        if(!redisUtil.hget(Const.CAPTACHA, key).equals(code)){
            //验证码不一样的操作
            throw  new CaptchaException("验证码不正确");
        }

        //验证码成功
        redisUtil.hdel(Const.CAPTACHA,key);
    }
}
